| [5a9c93b] | 1 | package com.example.rezevirajmasa.demo.config;
|
|---|
| 2 |
|
|---|
| 3 | import com.auth0.jwt.JWT;
|
|---|
| 4 | import com.auth0.jwt.JWTVerifier;
|
|---|
| 5 | import com.auth0.jwt.algorithms.Algorithm;
|
|---|
| 6 | import com.auth0.jwt.interfaces.DecodedJWT;
|
|---|
| 7 | import com.example.rezevirajmasa.demo.dto.UserDto;
|
|---|
| 8 | import com.example.rezevirajmasa.demo.service.UserService;
|
|---|
| [8ca35dc] | 9 | import io.jsonwebtoken.Claims;
|
|---|
| 10 | import io.jsonwebtoken.Jwts;
|
|---|
| [5a9c93b] | 11 | import jakarta.annotation.PostConstruct;
|
|---|
| 12 | import lombok.RequiredArgsConstructor;
|
|---|
| 13 | import org.springframework.beans.factory.annotation.Value;
|
|---|
| 14 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|---|
| 15 | import org.springframework.security.core.Authentication;
|
|---|
| [8ca35dc] | 16 | import org.springframework.security.core.userdetails.UserDetails;
|
|---|
| [5a9c93b] | 17 | import org.springframework.stereotype.Component;
|
|---|
| 18 |
|
|---|
| [8ca35dc] | 19 | import java.util.*;
|
|---|
| 20 | import java.util.function.Function;
|
|---|
| [5a9c93b] | 21 |
|
|---|
| 22 | @RequiredArgsConstructor
|
|---|
| 23 | @Component
|
|---|
| 24 | public class UserAuthProvider {
|
|---|
| 25 | @Value("${security.jwt.token.secret-key:secret:value}")
|
|---|
| 26 | private String secretKey;
|
|---|
| 27 |
|
|---|
| 28 | private final UserService userService;
|
|---|
| 29 |
|
|---|
| 30 | @PostConstruct
|
|---|
| 31 | protected void init() {
|
|---|
| 32 | secretKey = Base64.getEncoder().encodeToString(secretKey.getBytes());
|
|---|
| 33 | }
|
|---|
| 34 |
|
|---|
| [8ca35dc] | 35 | public String generateToken(UserDetails userDetails){
|
|---|
| 36 | Map<String, Object> claims = new HashMap<>();
|
|---|
| 37 | return createToken(userDetails.getUsername());
|
|---|
| 38 | }
|
|---|
| 39 |
|
|---|
| [5a9c93b] | 40 | public String createToken(String login) {
|
|---|
| 41 | Date now = new Date();
|
|---|
| 42 | Date validity = new Date(now.getTime() + 3_600_000);
|
|---|
| 43 | return JWT.create()
|
|---|
| 44 | .withIssuer(login)
|
|---|
| 45 | .withIssuedAt(now)
|
|---|
| 46 | .withExpiresAt(validity)
|
|---|
| 47 | .sign(Algorithm.HMAC256(secretKey));
|
|---|
| 48 | }
|
|---|
| 49 |
|
|---|
| 50 | public Authentication validateToken(String token) {
|
|---|
| 51 | JWTVerifier verifier = JWT.require(Algorithm.HMAC256(secretKey)).build();
|
|---|
| 52 |
|
|---|
| 53 | DecodedJWT decoded = verifier.verify(token);
|
|---|
| 54 |
|
|---|
| 55 | UserDto user = userService.findByEmail(decoded.getIssuer());
|
|---|
| 56 |
|
|---|
| 57 | return new UsernamePasswordAuthenticationToken(user, null, Collections.emptyList());
|
|---|
| 58 | }
|
|---|
| [8ca35dc] | 59 |
|
|---|
| 60 | public String extractUsername(String token) {
|
|---|
| 61 | return extractClaim(token, Claims::getSubject);
|
|---|
| 62 | }
|
|---|
| 63 |
|
|---|
| 64 | public Date extractExpiration(String token) {
|
|---|
| 65 | return extractClaim(token, Claims::getExpiration);
|
|---|
| 66 | }
|
|---|
| 67 |
|
|---|
| 68 | public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
|
|---|
| 69 | final Claims claims = extractAllClaims(token);
|
|---|
| 70 | return claimsResolver.apply(claims);
|
|---|
| 71 | }
|
|---|
| 72 |
|
|---|
| 73 | private Claims extractAllClaims(String token) {
|
|---|
| 74 | return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody();
|
|---|
| 75 | }
|
|---|
| 76 |
|
|---|
| 77 | private Boolean isTokenExpired(String token) {
|
|---|
| 78 | return extractExpiration(token).before(new Date());
|
|---|
| 79 | }
|
|---|
| [5a9c93b] | 80 | }
|
|---|
